×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Security Analyst; Infosec - Level Iv

Job in Virginia Beach, Virginia, 23450, USA
Listing for: Hispanic Alliance for Career Enhancement
Full Time position
Listed on 2025-12-02
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below
Position: SECURITY ANALYST (INFOSEC - LEVEL IV)

Job Summary: Serve as a Senior Information Security Analyst Alternate ISSM with responsibility of developing, maintaining, and supporting NEXCOM’s Information Assurance program and associated security controls within the NEXCOM Enterprise environment. Perform security assessments and associated reports. Maintain the NEXCOM IAVM program. Maintain compliance with current DoD DON cybersecurity policy. Process and review System Security Reviews (SSR). Maintain DIACAP/RMF accreditations for existing and future NEXCOM systems.

Include working with stakeholders, both leadership and subject‑matter experts, to build a holistic view of NEXCOM’s strategy, processes, information, and security posture.

Incumbents must be U.S. citizens.

Duties and Responsibilities:
  • Mentor and provide instruction and guidance to lower‑level Info Sec Analysts.
  • Perform excellent analytical and problem‑solving tasks.
  • Maintain and track IAVM program compliance.
  • Review and document security assessments of computing environments through the SSR process to identify points of vulnerability and non‑compliance with established IA standards and regulations.
  • Track FISMA contingency plan testing compliance.
  • Assist CSWF‑PM with maintaining and tracking CSWF program compliance.
  • Perform quarterly audit reviews and reporting.
  • Ensure expertise with compliance and regulatory requirements such as DIACAP, RMF, PCI, PII, SOX.
  • Complete weekly metric reports for Code IS.
  • Analyze STIG and ACAS reports and advise system administrators on acceptable mitigation measures.
  • Compile all required artifacts for DIACAP and RMF authorization packages and work through obtaining an Authorization to Operate.
  • Ensure security deficiencies identified during security/certification testing have been mitigated, corrected, or a risk acceptance has been obtained by the appropriate authorized representative.
  • Perform data security assessments of applications, servers, databases, and other network components and associated processes against PCI DSS standards to identify areas of non‑compliance.
  • Process and authorize NEXCOM system access through SAAR and PAA agreements.
  • Provide system‑related input on IA security requirements for procurement documents such as statements of work.
  • Performs other related duties as assigned.
Cyber IT/CSWF

Position Requirements
  • Position designated Cyber IT/Cybersecurity Workforce position in specialty area 72.
  • Must comply with the DON Cyber IT/CSWF Program requirements of SECNAV M‑5239.2, which include:
    • Earn and maintain appropriate credentials from the Cyber IT/CSWF Qualification Matrix.
    • Participate annually in 40 hours of continuous learning (CL) activities, documented in a current IDP signed by employee and supervisor.
  • Required minimum cybersecurity credentials:
    • Education:

      Graduate degree from accredited university OR CNSSI 4012 Senior Systems Manager.
    • Certification:
      At least one of CAP, CISM, CISSP, CASP ce, GSLC.
  • Position designated IT‑1 (Critical‑Sensitive) per SECNAV M‑5510.30; requires favorable SSBI.
  • Must obtain a top‑secret clearance within 6 months of appointment; failure to obtain results in termination.
Experience and Education
  • General

    Experience:

     Three years performing certification and accreditation work, including system analysis, documentation, and communication.
  • Substitution of Experience for

    Education:

     One year of related academic study above high school may be substituted for nine months of experience, up to a maximum of a 4‑year bachelor’s degree in Computer Science, Cyber Security, Information Technology, or related field, for 3 years of general experience.
  • Specialized

    Experience:

     Four years in at least two of the following:
    • Security control assessments and reports
    • Research and analysis of cybersecurity policy
    • IT security compliance and reporting
    • System risk analysis
    • Drafting DIACAP/RMF authorization packages
    • Or one year experience at the next lowest level of this position
Clearance and Eligibility
  • Candidates must be U.S. citizens and eligible for a Secret clearance within 6 months of appointment.
  • Failure to obtain required clearance results in termination.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search